head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.20
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.18
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.16
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.14
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.12
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.10
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.8
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.6
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.4
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.2
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.1.0.4
	pkgsrc-2007Q4-base:1.1
	pkgsrc-2007Q3:1.1.0.2
	pkgsrc-2007Q3-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2008.03.29.04.03.41;	author obache;	state dead;
branches;
next	1.1;

1.1
date	2007.08.02.14.54.34;	author drochner;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Swith to vender supplied patch file xpdf-3.02pl1.patch.
@
text
@$NetBSD: patch-ba,v 1.1 2007/08/02 14:54:34 drochner Exp $

--- xpdf/Stream.cc.orig	2007-02-27 23:05:52.000000000 +0100
+++ xpdf/Stream.cc
@@@@ -410,15 +410,13 @@@@ StreamPredictor::StreamPredictor(Stream 
   ok = gFalse;
 
   nVals = width * nComps;
-  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
-      nComps >= INT_MAX / nBits ||
-      width >= INT_MAX / nComps / nBits ||
-      nVals * nBits + 7 < 0) {
-    return;
-  }
   pixBytes = (nComps * nBits + 7) >> 3;
   rowBytes = ((nVals * nBits + 7) >> 3) + pixBytes;
-  if (rowBytes <= 0) {
+  if (width <= 0 || nComps <= 0 || nBits <= 0 ||
+      nComps > gfxColorMaxComps ||
+      nBits > 16 ||
+      width >= INT_MAX / nComps ||      // check for overflow in nVals 
+      nVals >= (INT_MAX - 7) / nBits) { // check for overflow in rowBytes
     return;
   }
   predLine = (Guchar *)gmalloc(rowBytes);
@


1.1
log
@add a vendor supplied patch to fix an integer overflow vulnerability
(CVE-2007-3387)
@
text
@d1 1
a1 1
$NetBSD$
@